nextcloud /
server
@@ -1,5 +1,5 @@ |
||
| 1 | 1 | <?php |
| 2 | -declare(strict_types=1); |
|
| 2 | +declare(strict_types = 1); |
|
| 3 | 3 | /** |
| 4 | 4 | * @copyright Copyright (c) 2016, ownCloud, Inc. |
| 5 | 5 | * |
@@ -1,5 +1,5 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | -declare(strict_types=1); |
|
| 2 | +declare(strict_types = 1); |
|
| 3 | 3 | /** |
| 4 | 4 | * @copyright Copyright (c) 2016, ownCloud, Inc. |
| 5 | 5 | * |
@@ -132,7 +132,7 @@ discard block |
||
| 132 | 132 | * @param string $stream |
| 133 | 133 | * @see http://www.php.net/manual/en/reserved.variables.php |
| 134 | 134 | */ |
| 135 | - public function __construct(array $vars= [], |
|
| 135 | + public function __construct(array $vars = [], |
|
| 136 | 136 | ISecureRandom $secureRandom = null, |
| 137 | 137 | IConfig $config, |
| 138 | 138 | CsrfTokenManager $csrfTokenManager = null, |
@@ -143,11 +143,11 @@ discard block |
||
| 143 | 143 | $this->config = $config; |
| 144 | 144 | $this->csrfTokenManager = $csrfTokenManager; |
| 145 | 145 | |
| 146 | - if(!array_key_exists('method', $vars)) { |
|
| 146 | + if (!array_key_exists('method', $vars)) { |
|
| 147 | 147 | $vars['method'] = 'GET'; |
| 148 | 148 | } |
| 149 | 149 | |
| 150 | - foreach($this->allowedKeys as $name) { |
|
| 150 | + foreach ($this->allowedKeys as $name) { |
|
| 151 | 151 | $this->items[$name] = isset($vars[$name]) |
| 152 | 152 | ? $vars[$name] |
| 153 | 153 | : []; |
@@ -257,12 +257,12 @@ discard block |
||
| 257 | 257 | * @return mixed|null |
| 258 | 258 | */ |
| 259 | 259 | public function __get($name) { |
| 260 | - switch($name) { |
|
| 260 | + switch ($name) { |
|
| 261 | 261 | case 'put': |
| 262 | 262 | case 'patch': |
| 263 | 263 | case 'get': |
| 264 | 264 | case 'post': |
| 265 | - if($this->method !== strtoupper($name)) { |
|
| 265 | + if ($this->method !== strtoupper($name)) { |
|
| 266 | 266 | throw new \LogicException(sprintf('%s cannot be accessed in a %s request.', $name, $this->method)); |
| 267 | 267 | } |
| 268 | 268 | return $this->getContent(); |
@@ -313,14 +313,14 @@ discard block |
||
| 313 | 313 | */ |
| 314 | 314 | public function getHeader(string $name): string { |
| 315 | 315 | |
| 316 | - $name = strtoupper(str_replace('-', '_',$name)); |
|
| 317 | - if (isset($this->server['HTTP_' . $name])) { |
|
| 318 | - return $this->server['HTTP_' . $name]; |
|
| 316 | + $name = strtoupper(str_replace('-', '_', $name)); |
|
| 317 | + if (isset($this->server['HTTP_'.$name])) { |
|
| 318 | + return $this->server['HTTP_'.$name]; |
|
| 319 | 319 | } |
| 320 | 320 | |
| 321 | 321 | // There's a few headers that seem to end up in the top-level |
| 322 | 322 | // server array. |
| 323 | - switch($name) { |
|
| 323 | + switch ($name) { |
|
| 324 | 324 | case 'CONTENT_TYPE' : |
| 325 | 325 | case 'CONTENT_LENGTH' : |
| 326 | 326 | if (isset($this->server[$name])) { |
@@ -441,21 +441,21 @@ discard block |
||
| 441 | 441 | // 'application/json' must be decoded manually. |
| 442 | 442 | if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) { |
| 443 | 443 | $params = json_decode(file_get_contents($this->inputStream), true); |
| 444 | - if($params !== null && \count($params) > 0) { |
|
| 444 | + if ($params !== null && \count($params) > 0) { |
|
| 445 | 445 | $this->items['params'] = $params; |
| 446 | - if($this->method === 'POST') { |
|
| 446 | + if ($this->method === 'POST') { |
|
| 447 | 447 | $this->items['post'] = $params; |
| 448 | 448 | } |
| 449 | 449 | } |
| 450 | 450 | |
| 451 | 451 | // Handle application/x-www-form-urlencoded for methods other than GET |
| 452 | 452 | // or post correctly |
| 453 | - } elseif($this->method !== 'GET' |
|
| 453 | + } elseif ($this->method !== 'GET' |
|
| 454 | 454 | && $this->method !== 'POST' |
| 455 | 455 | && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) { |
| 456 | 456 | |
| 457 | 457 | parse_str(file_get_contents($this->inputStream), $params); |
| 458 | - if(\is_array($params)) { |
|
| 458 | + if (\is_array($params)) { |
|
| 459 | 459 | $this->items['params'] = $params; |
| 460 | 460 | } |
| 461 | 461 | } |
@@ -472,11 +472,11 @@ discard block |
||
| 472 | 472 | * @return bool true if CSRF check passed |
| 473 | 473 | */ |
| 474 | 474 | public function passesCSRFCheck(): bool { |
| 475 | - if($this->csrfTokenManager === null) { |
|
| 475 | + if ($this->csrfTokenManager === null) { |
|
| 476 | 476 | return false; |
| 477 | 477 | } |
| 478 | 478 | |
| 479 | - if(!$this->passesStrictCookieCheck()) { |
|
| 479 | + if (!$this->passesStrictCookieCheck()) { |
|
| 480 | 480 | return false; |
| 481 | 481 | } |
| 482 | 482 | |
@@ -504,7 +504,7 @@ discard block |
||
| 504 | 504 | if ($this->getHeader('OCS-APIREQUEST')) { |
| 505 | 505 | return false; |
| 506 | 506 | } |
| 507 | - if($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { |
|
| 507 | + if ($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { |
|
| 508 | 508 | return false; |
| 509 | 509 | } |
| 510 | 510 | |
@@ -529,7 +529,7 @@ discard block |
||
| 529 | 529 | protected function getProtectedCookieName(string $name): string { |
| 530 | 530 | $cookieParams = $this->getCookieParams(); |
| 531 | 531 | $prefix = ''; |
| 532 | - if($cookieParams['secure'] === true && $cookieParams['path'] === '/') { |
|
| 532 | + if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') { |
|
| 533 | 533 | $prefix = '__Host-'; |
| 534 | 534 | } |
| 535 | 535 | |
@@ -544,12 +544,12 @@ discard block |
||
| 544 | 544 | * @since 9.1.0 |
| 545 | 545 | */ |
| 546 | 546 | public function passesStrictCookieCheck(): bool { |
| 547 | - if(!$this->cookieCheckRequired()) { |
|
| 547 | + if (!$this->cookieCheckRequired()) { |
|
| 548 | 548 | return true; |
| 549 | 549 | } |
| 550 | 550 | |
| 551 | 551 | $cookieName = $this->getProtectedCookieName('nc_sameSiteCookiestrict'); |
| 552 | - if($this->getCookie($cookieName) === 'true' |
|
| 552 | + if ($this->getCookie($cookieName) === 'true' |
|
| 553 | 553 | && $this->passesLaxCookieCheck()) { |
| 554 | 554 | return true; |
| 555 | 555 | } |
@@ -564,12 +564,12 @@ discard block |
||
| 564 | 564 | * @since 9.1.0 |
| 565 | 565 | */ |
| 566 | 566 | public function passesLaxCookieCheck(): bool { |
| 567 | - if(!$this->cookieCheckRequired()) { |
|
| 567 | + if (!$this->cookieCheckRequired()) { |
|
| 568 | 568 | return true; |
| 569 | 569 | } |
| 570 | 570 | |
| 571 | 571 | $cookieName = $this->getProtectedCookieName('nc_sameSiteCookielax'); |
| 572 | - if($this->getCookie($cookieName) === 'true') { |
|
| 572 | + if ($this->getCookie($cookieName) === 'true') { |
|
| 573 | 573 | return true; |
| 574 | 574 | } |
| 575 | 575 | return false; |
@@ -582,12 +582,12 @@ discard block |
||
| 582 | 582 | * @return string |
| 583 | 583 | */ |
| 584 | 584 | public function getId(): string { |
| 585 | - if(isset($this->server['UNIQUE_ID'])) { |
|
| 585 | + if (isset($this->server['UNIQUE_ID'])) { |
|
| 586 | 586 | return $this->server['UNIQUE_ID']; |
| 587 | 587 | } |
| 588 | 588 | |
| 589 | - if(empty($this->requestId)) { |
|
| 590 | - $validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS; |
|
| 589 | + if (empty($this->requestId)) { |
|
| 590 | + $validChars = ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS; |
|
| 591 | 591 | $this->requestId = $this->secureRandom->generate(20, $validChars); |
| 592 | 592 | } |
| 593 | 593 | |
@@ -605,15 +605,15 @@ discard block |
||
| 605 | 605 | $remoteAddress = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : ''; |
| 606 | 606 | $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); |
| 607 | 607 | |
| 608 | - if(\is_array($trustedProxies) && \in_array($remoteAddress, $trustedProxies)) { |
|
| 608 | + if (\is_array($trustedProxies) && \in_array($remoteAddress, $trustedProxies)) { |
|
| 609 | 609 | $forwardedForHeaders = $this->config->getSystemValue('forwarded_for_headers', [ |
| 610 | 610 | 'HTTP_X_FORWARDED_FOR' |
| 611 | 611 | // only have one default, so we cannot ship an insecure product out of the box |
| 612 | 612 | ]); |
| 613 | 613 | |
| 614 | - foreach($forwardedForHeaders as $header) { |
|
| 615 | - if(isset($this->server[$header])) { |
|
| 616 | - foreach(explode(',', $this->server[$header]) as $IP) { |
|
| 614 | + foreach ($forwardedForHeaders as $header) { |
|
| 615 | + if (isset($this->server[$header])) { |
|
| 616 | + foreach (explode(',', $this->server[$header]) as $IP) { |
|
| 617 | 617 | $IP = trim($IP); |
| 618 | 618 | if (filter_var($IP, FILTER_VALIDATE_IP) !== false) { |
| 619 | 619 | return $IP; |
@@ -632,7 +632,7 @@ discard block |
||
| 632 | 632 | * @return bool |
| 633 | 633 | */ |
| 634 | 634 | private function isOverwriteCondition(string $type = ''): bool { |
| 635 | - $regex = '/' . $this->config->getSystemValue('overwritecondaddr', '') . '/'; |
|
| 635 | + $regex = '/'.$this->config->getSystemValue('overwritecondaddr', '').'/'; |
|
| 636 | 636 | $remoteAddr = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : ''; |
| 637 | 637 | return $regex === '//' || preg_match($regex, $remoteAddr) === 1 |
| 638 | 638 | || $type !== 'protocol'; |
@@ -644,7 +644,7 @@ discard block |
||
| 644 | 644 | * @return string Server protocol (http or https) |
| 645 | 645 | */ |
| 646 | 646 | public function getServerProtocol(): string { |
| 647 | - if($this->config->getSystemValue('overwriteprotocol') !== '' |
|
| 647 | + if ($this->config->getSystemValue('overwriteprotocol') !== '' |
|
| 648 | 648 | && $this->isOverwriteCondition('protocol')) { |
| 649 | 649 | return $this->config->getSystemValue('overwriteprotocol'); |
| 650 | 650 | } |
@@ -690,7 +690,7 @@ discard block |
||
| 690 | 690 | 'HTTP/2', |
| 691 | 691 | ]; |
| 692 | 692 | |
| 693 | - if(\in_array($claimedProtocol, $validProtocols, true)) { |
|
| 693 | + if (\in_array($claimedProtocol, $validProtocols, true)) { |
|
| 694 | 694 | return $claimedProtocol; |
| 695 | 695 | } |
| 696 | 696 | |
@@ -704,8 +704,8 @@ discard block |
||
| 704 | 704 | */ |
| 705 | 705 | public function getRequestUri(): string { |
| 706 | 706 | $uri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : ''; |
| 707 | - if($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { |
|
| 708 | - $uri = $this->getScriptName() . substr($uri, \strlen($this->server['SCRIPT_NAME'])); |
|
| 707 | + if ($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { |
|
| 708 | + $uri = $this->getScriptName().substr($uri, \strlen($this->server['SCRIPT_NAME'])); |
|
| 709 | 709 | } |
| 710 | 710 | return $uri; |
| 711 | 711 | } |
@@ -719,7 +719,7 @@ discard block |
||
| 719 | 719 | $requestUri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : ''; |
| 720 | 720 | // remove too many leading slashes - can be caused by reverse proxy configuration |
| 721 | 721 | if (strpos($requestUri, '/') === 0) { |
| 722 | - $requestUri = '/' . ltrim($requestUri, '/'); |
|
| 722 | + $requestUri = '/'.ltrim($requestUri, '/'); |
|
| 723 | 723 | } |
| 724 | 724 | |
| 725 | 725 | $requestUri = preg_replace('%/{2,}%', '/', $requestUri); |
@@ -736,7 +736,7 @@ discard block |
||
| 736 | 736 | // FIXME: Sabre does not really belong here |
| 737 | 737 | list($path, $name) = \Sabre\Uri\split($scriptName); |
| 738 | 738 | if (!empty($path)) { |
| 739 | - if($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { |
|
| 739 | + if ($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { |
|
| 740 | 740 | $pathInfo = substr($pathInfo, \strlen($path)); |
| 741 | 741 | } else { |
| 742 | 742 | throw new \Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')"); |
@@ -752,7 +752,7 @@ discard block |
||
| 752 | 752 | if ($name !== '' && strpos($pathInfo, $name) === 0) { |
| 753 | 753 | $pathInfo = substr($pathInfo, \strlen($name)); |
| 754 | 754 | } |
| 755 | - if($pathInfo === false || $pathInfo === '/'){ |
|
| 755 | + if ($pathInfo === false || $pathInfo === '/') { |
|
| 756 | 756 | return ''; |
| 757 | 757 | } else { |
| 758 | 758 | return $pathInfo; |
@@ -770,7 +770,7 @@ discard block |
||
| 770 | 770 | $pathInfo = rawurldecode($pathInfo); |
| 771 | 771 | $encoding = mb_detect_encoding($pathInfo, ['UTF-8', 'ISO-8859-1']); |
| 772 | 772 | |
| 773 | - switch($encoding) { |
|
| 773 | + switch ($encoding) { |
|
| 774 | 774 | case 'ISO-8859-1' : |
| 775 | 775 | $pathInfo = utf8_encode($pathInfo); |
| 776 | 776 | } |
@@ -786,12 +786,12 @@ discard block |
||
| 786 | 786 | */ |
| 787 | 787 | public function getScriptName(): string { |
| 788 | 788 | $name = $this->server['SCRIPT_NAME']; |
| 789 | - $overwriteWebRoot = $this->config->getSystemValue('overwritewebroot'); |
|
| 789 | + $overwriteWebRoot = $this->config->getSystemValue('overwritewebroot'); |
|
| 790 | 790 | if ($overwriteWebRoot !== '' && $this->isOverwriteCondition()) { |
| 791 | 791 | // FIXME: This code is untestable due to __DIR__, also that hardcoded path is really dangerous |
| 792 | 792 | $serverRoot = str_replace('\\', '/', substr(__DIR__, 0, -\strlen('lib/private/appframework/http/'))); |
| 793 | 793 | $suburi = str_replace('\\', '/', substr(realpath($this->server['SCRIPT_FILENAME']), \strlen($serverRoot))); |
| 794 | - $name = '/' . ltrim($overwriteWebRoot . $suburi, '/'); |
|
| 794 | + $name = '/'.ltrim($overwriteWebRoot.$suburi, '/'); |
|
| 795 | 795 | } |
| 796 | 796 | return $name; |
| 797 | 797 | } |
@@ -861,7 +861,7 @@ discard block |
||
| 861 | 861 | return $host; |
| 862 | 862 | } else { |
| 863 | 863 | $trustedList = $this->config->getSystemValue('trusted_domains', []); |
| 864 | - if(!empty($trustedList)) { |
|
| 864 | + if (!empty($trustedList)) { |
|
| 865 | 865 | return $trustedList[0]; |
| 866 | 866 | } else { |
| 867 | 867 | return ''; |
@@ -876,7 +876,7 @@ discard block |
||
| 876 | 876 | * isn't met |
| 877 | 877 | */ |
| 878 | 878 | private function getOverwriteHost() { |
| 879 | - if($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { |
|
| 879 | + if ($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { |
|
| 880 | 880 | return $this->config->getSystemValue('overwritehost'); |
| 881 | 881 | } |
| 882 | 882 | return null; |
